Categories

HTTP Headers for Wordpress

Posted on: May 15, 2016 by Dimitar Ivanov

Overview

HTTP Headers is a WordPress plugin who gives your control over the HTTP headers returned by your wordpress based blog or website.
Helps to protect from XSS, MITM and Clickjacking attacks. Overcomes the limitations of the same-origin policy.

These HTTP headers are being used in production services by popular websites as Facebook, Google+, Twitter, LinkedIn, YouTube, Yahoo, Amazon, Ebay, Paypal, Instagram, Pinterest, Dropbox, Reddit, Netflix, Tumblr, Blogger and many more.

If you have any question about the HTTP Headers for WordPress, leave a comment below. And do not be shy to share this article. Thanks so much for reading!

Dimitar Ivanov

Dimitar Ivanov is a senior LAMP developer, javascript engineer, web performance-obsessed.
He is programming since 2003 and loves to build web applications.
You can find him on Twitter,
LinkedIn and
GitHub.

Subscribe to our newsletter

Join our mailing list and stay tuned! Never miss out news about Zino UI, new releases, or even blog post.

Hi. Great plugin.
I'm having, though, one issue with Access-Control-Allow-Origin. Whatever the value I set, I get two Access-Control-Allow-Origin headers, one with the actual value, and another with my localhost.

So for me is not working because only one Access-Control-Allow-Origin header is allowed

To use this plugin on Nginx web servers you can activate the PHP-mode. Although this mode does not provide the full capabilities as the Apache-mode does, you are still able to benefit from most essential features.
However, I have a plan for next release to support Nginx throughout a configuration file in the same manner as .htaccess for Apache.